From d332c31437f4bf05e798788bc0277ab73f63fbd2 Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Sun, 29 Aug 2021 16:57:31 +0100 Subject: [PATCH] chacha20poly1305 0.9 We switch from the c2-chacha crate to the chacha20 crate, as the latter is now close to equivalent performance (equivalent when compiled with `RUSTFLAGS="-Ctarget-feature=+avx2"`), and is no longer optional upstream. --- Cargo.lock | 69 +++++++++++++++--------------------- age-core/Cargo.toml | 3 +- age-core/src/primitives.rs | 10 +++--- age/Cargo.toml | 3 +- age/src/primitives/stream.rs | 10 +++--- fuzz-afl/Cargo.lock | 55 +++++++++++----------------- fuzz/Cargo.lock | 55 +++++++++++----------------- 7 files changed, 81 insertions(+), 124 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 8b747bf..2e25982 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -23,9 +23,9 @@ checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe" [[package]] name = "aead" -version = "0.3.2" +version = "0.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7fc95d1bdb8e6666b2b217308eeeb09f2d6728d104be3e31916cc74d15420331" +checksum = "6e3e798aa0c8239776f54415bc06f3d74b1850f3f830b45c35cfc80556973f70" dependencies = [ "generic-array", ] @@ -37,7 +37,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9e8b47f52ea9bae42228d07ec09eb676433d7c4ed1ebdf0f1d1c29ed446f1ab8" dependencies = [ "cfg-if", - "cipher 0.3.0", + "cipher", "cpufeatures", "ctr", "opaque-debug", @@ -53,7 +53,6 @@ dependencies = [ "bcrypt-pbkdf", "bech32", "block-modes", - "c2-chacha", "chacha20poly1305", "console", "cookie-factory", @@ -95,7 +94,6 @@ name = "age-core" version = "0.6.0" dependencies = [ "base64", - "c2-chacha", "chacha20poly1305", "cookie-factory", "hkdf", @@ -243,7 +241,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2cb03d1bed155d89dce0f845b7899b18a9a163e148fd004e1c28421a783e2d8e" dependencies = [ "block-padding", - "cipher 0.3.0", + "cipher", ] [[package]] @@ -259,7 +257,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "fe3ff3fc1de48c1ac2e3341c4df38b0d1bfb8fdf04632a187c8b75aaa319a7ab" dependencies = [ "byteorder", - "cipher 0.3.0", + "cipher", "opaque-debug", ] @@ -314,16 +312,6 @@ dependencies = [ "pkg-config", ] -[[package]] -name = "c2-chacha" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7e6002dbb7c65a76e516625443949a8b7bb0d0845fe6a3dc39e2dd7ae39dcb9c" -dependencies = [ - "cipher 0.2.5", - "ppv-lite86", -] - [[package]] name = "cast" version = "0.2.7" @@ -346,13 +334,26 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" [[package]] -name = "chacha20poly1305" -version = "0.7.1" +name = "chacha20" +version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "af1fc18e6d90c40164bf6c317476f2a98f04661e310e79830366b7e914c58a8e" +checksum = "f8c5d87765c99be3d2cb08d11a3c14820ecaf2c7ad45d301c533103d2d8a146c" +dependencies = [ + "cfg-if", + "cipher", + "cpufeatures", + "zeroize", +] + +[[package]] +name = "chacha20poly1305" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3b84ed6d1d5f7aa9bdde921a5090e0ca4d934d250ea3b402a5fab3a994e28a2a" dependencies = [ "aead", - "cipher 0.2.5", + "chacha20", + "cipher", "poly1305", "zeroize", ] @@ -370,15 +371,6 @@ dependencies = [ "winapi", ] -[[package]] -name = "cipher" -version = "0.2.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "12f8e7987cbd042a63249497f41aed09f8e65add917ea6566effbc56578d6801" -dependencies = [ - "generic-array", -] - [[package]] name = "cipher" version = "0.3.0" @@ -485,12 +477,6 @@ dependencies = [ "libc", ] -[[package]] -name = "cpuid-bool" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dcb25d077389e53838a8158c8e99174c5a9d902dee4904320db714f3c653ffba" - [[package]] name = "crc32fast" version = "1.2.1" @@ -638,7 +624,7 @@ version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "049bb91fb4aaf0e3c7efa6cd5ef877dbbbd15b39dad06d9948de4ec8a75761ea" dependencies = [ - "cipher 0.3.0", + "cipher", ] [[package]] @@ -1664,11 +1650,12 @@ dependencies = [ [[package]] name = "poly1305" -version = "0.6.2" +version = "0.7.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4b7456bc1ad2d4cf82b3a016be4c2ac48daf11bf990c1603ebd447fe6f30fca8" +checksum = "048aeb476be11a4b6ca432ca569e375810de9294ae78f4774e78ea98a9246ede" dependencies = [ - "cpuid-bool", + "cpufeatures", + "opaque-debug", "universal-hash", ] @@ -2068,7 +2055,7 @@ version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ecbd2eb639fd7cab5804a0837fe373cc2172d15437e804c054a9fb885cb923b0" dependencies = [ - "cipher 0.3.0", + "cipher", ] [[package]] diff --git a/age-core/Cargo.toml b/age-core/Cargo.toml index 47080ac..76f967c 100644 --- a/age-core/Cargo.toml +++ b/age-core/Cargo.toml @@ -17,8 +17,7 @@ maintenance = { status = "experimental" } base64 = "0.13" # - ChaCha20-Poly1305 from RFC 7539 -c2-chacha = "0.3" -chacha20poly1305 = { version = "0.7", default-features = false, features = ["alloc"] } +chacha20poly1305 = { version = "0.9", default-features = false, features = ["alloc"] } # - HKDF from RFC 5869 with SHA-256 hkdf = "0.11" diff --git a/age-core/src/primitives.rs b/age-core/src/primitives.rs index 2da9b9e..e921ea0 100644 --- a/age-core/src/primitives.rs +++ b/age-core/src/primitives.rs @@ -1,8 +1,8 @@ //! Primitive cryptographic operations used across various `age` components. use chacha20poly1305::{ - aead::{self, generic_array::typenum::Unsigned, Aead, NewAead}, - ChaChaPoly1305, + aead::{self, generic_array::typenum::Unsigned, Aead, AeadCore, NewAead}, + ChaCha20Poly1305, }; use hkdf::Hkdf; use sha2::Sha256; @@ -13,7 +13,7 @@ use sha2::Sha256; /// /// [RFC 7539]: https://tools.ietf.org/html/rfc7539 pub fn aead_encrypt(key: &[u8; 32], plaintext: &[u8]) -> Vec { - let c = ChaChaPoly1305::::new(key.into()); + let c = ChaCha20Poly1305::new(key.into()); c.encrypt(&[0; 12].into(), plaintext) .expect("we won't overflow the ChaCha20 block counter") } @@ -32,11 +32,11 @@ pub fn aead_decrypt( size: usize, ciphertext: &[u8], ) -> Result, aead::Error> { - if ciphertext.len() != size + as Aead>::TagSize::to_usize() { + if ciphertext.len() != size + ::TagSize::to_usize() { return Err(aead::Error); } - let c = ChaChaPoly1305::::new(key.into()); + let c = ChaCha20Poly1305::new(key.into()); c.decrypt(&[0; 12].into(), ciphertext) } diff --git a/age/Cargo.toml b/age/Cargo.toml index 5bb1376..b351165 100644 --- a/age/Cargo.toml +++ b/age/Cargo.toml @@ -21,8 +21,7 @@ age-core = { version = "0.6.0", path = "../age-core" } base64 = "0.13" # - ChaCha20-Poly1305 from RFC 7539 -c2-chacha = "0.3" -chacha20poly1305 = { version = "0.7", default-features = false, features = ["alloc"] } +chacha20poly1305 = { version = "0.9", default-features = false, features = ["alloc"] } # - X25519 from RFC 7748 x25519-dalek = "1" diff --git a/age/src/primitives/stream.rs b/age/src/primitives/stream.rs index 02ea696..f9c71c2 100644 --- a/age/src/primitives/stream.rs +++ b/age/src/primitives/stream.rs @@ -2,7 +2,7 @@ use chacha20poly1305::{ aead::{generic_array::GenericArray, Aead, NewAead}, - ChaChaPoly1305, + ChaCha20Poly1305, }; use pin_project::pin_project; use secrecy::{ExposeSecret, SecretVec}; @@ -24,9 +24,7 @@ const CHUNK_SIZE: usize = 64 * 1024; const TAG_SIZE: usize = 16; const ENCRYPTED_CHUNK_SIZE: usize = CHUNK_SIZE + TAG_SIZE; -pub(crate) struct PayloadKey( - pub(crate) GenericArray as NewAead>::KeySize>, -); +pub(crate) struct PayloadKey(pub(crate) GenericArray::KeySize>); impl Drop for PayloadKey { fn drop(&mut self) { @@ -89,14 +87,14 @@ struct EncryptedChunk { /// /// [STREAM]: https://eprint.iacr.org/2015/189.pdf pub(crate) struct Stream { - aead: ChaChaPoly1305, + aead: ChaCha20Poly1305, nonce: Nonce, } impl Stream { fn new(key: PayloadKey) -> Self { Stream { - aead: ChaChaPoly1305::new(&key.0), + aead: ChaCha20Poly1305::new(&key.0), nonce: Nonce::default(), } } diff --git a/fuzz-afl/Cargo.lock b/fuzz-afl/Cargo.lock index c33be45..65fc99f 100644 --- a/fuzz-afl/Cargo.lock +++ b/fuzz-afl/Cargo.lock @@ -8,9 +8,9 @@ checksum = "fe438c63458706e03479442743baae6c88256498e6431708f6dfc520a26515d3" [[package]] name = "aead" -version = "0.3.2" +version = "0.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7fc95d1bdb8e6666b2b217308eeeb09f2d6728d104be3e31916cc74d15420331" +checksum = "0b613b8e1e3cf911a086f53f03bf286f52fd7a7258e4fa606f0ef220d39d8877" dependencies = [ "generic-array", ] @@ -35,7 +35,6 @@ dependencies = [ "age-core", "base64", "bech32", - "c2-chacha", "chacha20poly1305", "cookie-factory", "hkdf", @@ -61,7 +60,6 @@ name = "age-core" version = "0.6.0" dependencies = [ "base64", - "c2-chacha", "chacha20poly1305", "cookie-factory", "hkdf", @@ -132,16 +130,6 @@ version = "1.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" -[[package]] -name = "c2-chacha" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7e6002dbb7c65a76e516625443949a8b7bb0d0845fe6a3dc39e2dd7ae39dcb9c" -dependencies = [ - "cipher 0.2.5", - "ppv-lite86", -] - [[package]] name = "cc" version = "1.0.69" @@ -155,24 +143,28 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" [[package]] -name = "chacha20poly1305" -version = "0.7.1" +name = "chacha20" +version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "af1fc18e6d90c40164bf6c317476f2a98f04661e310e79830366b7e914c58a8e" +checksum = "f8c5d87765c99be3d2cb08d11a3c14820ecaf2c7ad45d301c533103d2d8a146c" dependencies = [ - "aead", - "cipher 0.2.5", - "poly1305", + "cfg-if", + "cipher", + "cpufeatures", "zeroize", ] [[package]] -name = "cipher" -version = "0.2.5" +name = "chacha20poly1305" +version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "12f8e7987cbd042a63249497f41aed09f8e65add917ea6566effbc56578d6801" +checksum = "3b84ed6d1d5f7aa9bdde921a5090e0ca4d934d250ea3b402a5fab3a994e28a2a" dependencies = [ - "generic-array", + "aead", + "chacha20", + "cipher", + "poly1305", + "zeroize", ] [[package]] @@ -214,12 +206,6 @@ dependencies = [ "libc", ] -[[package]] -name = "cpuid-bool" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dcb25d077389e53838a8158c8e99174c5a9d902dee4904320db714f3c653ffba" - [[package]] name = "crypto-mac" version = "0.11.1" @@ -621,11 +607,12 @@ dependencies = [ [[package]] name = "poly1305" -version = "0.6.2" +version = "0.7.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4b7456bc1ad2d4cf82b3a016be4c2ac48daf11bf990c1603ebd447fe6f30fca8" +checksum = "048aeb476be11a4b6ca432ca569e375810de9294ae78f4774e78ea98a9246ede" dependencies = [ - "cpuid-bool", + "cpufeatures", + "opaque-debug", "universal-hash", ] @@ -822,7 +809,7 @@ version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ecbd2eb639fd7cab5804a0837fe373cc2172d15437e804c054a9fb885cb923b0" dependencies = [ - "cipher 0.3.0", + "cipher", ] [[package]] diff --git a/fuzz/Cargo.lock b/fuzz/Cargo.lock index 3a6a6b1..c8541fc 100644 --- a/fuzz/Cargo.lock +++ b/fuzz/Cargo.lock @@ -8,9 +8,9 @@ checksum = "fe438c63458706e03479442743baae6c88256498e6431708f6dfc520a26515d3" [[package]] name = "aead" -version = "0.3.2" +version = "0.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7fc95d1bdb8e6666b2b217308eeeb09f2d6728d104be3e31916cc74d15420331" +checksum = "0b613b8e1e3cf911a086f53f03bf286f52fd7a7258e4fa606f0ef220d39d8877" dependencies = [ "generic-array", ] @@ -22,7 +22,6 @@ dependencies = [ "age-core", "base64", "bech32", - "c2-chacha", "chacha20poly1305", "cookie-factory", "hkdf", @@ -48,7 +47,6 @@ name = "age-core" version = "0.6.0" dependencies = [ "base64", - "c2-chacha", "chacha20poly1305", "cookie-factory", "hkdf", @@ -107,16 +105,6 @@ version = "1.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" -[[package]] -name = "c2-chacha" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7e6002dbb7c65a76e516625443949a8b7bb0d0845fe6a3dc39e2dd7ae39dcb9c" -dependencies = [ - "cipher 0.2.5", - "ppv-lite86", -] - [[package]] name = "cc" version = "1.0.69" @@ -130,24 +118,28 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" [[package]] -name = "chacha20poly1305" -version = "0.7.1" +name = "chacha20" +version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "af1fc18e6d90c40164bf6c317476f2a98f04661e310e79830366b7e914c58a8e" +checksum = "f8c5d87765c99be3d2cb08d11a3c14820ecaf2c7ad45d301c533103d2d8a146c" dependencies = [ - "aead", - "cipher 0.2.5", - "poly1305", + "cfg-if", + "cipher", + "cpufeatures", "zeroize", ] [[package]] -name = "cipher" -version = "0.2.5" +name = "chacha20poly1305" +version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "12f8e7987cbd042a63249497f41aed09f8e65add917ea6566effbc56578d6801" +checksum = "3b84ed6d1d5f7aa9bdde921a5090e0ca4d934d250ea3b402a5fab3a994e28a2a" dependencies = [ - "generic-array", + "aead", + "chacha20", + "cipher", + "poly1305", + "zeroize", ] [[package]] @@ -174,12 +166,6 @@ dependencies = [ "libc", ] -[[package]] -name = "cpuid-bool" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dcb25d077389e53838a8158c8e99174c5a9d902dee4904320db714f3c653ffba" - [[package]] name = "crypto-mac" version = "0.11.1" @@ -590,11 +576,12 @@ dependencies = [ [[package]] name = "poly1305" -version = "0.6.2" +version = "0.7.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4b7456bc1ad2d4cf82b3a016be4c2ac48daf11bf990c1603ebd447fe6f30fca8" +checksum = "048aeb476be11a4b6ca432ca569e375810de9294ae78f4774e78ea98a9246ede" dependencies = [ - "cpuid-bool", + "cpufeatures", + "opaque-debug", "universal-hash", ] @@ -782,7 +769,7 @@ version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ecbd2eb639fd7cab5804a0837fe373cc2172d15437e804c054a9fb885cb923b0" dependencies = [ - "cipher 0.3.0", + "cipher", ] [[package]]